In communication and data security there are numerous encryption schemes used to protect information. Common encryption schemes rely upon the sender and the receiver having a common understanding as to the method used to encrypt the data and common knowledge of the encryption key employed.
An encryption method is usually a mathematical formula that modifies data that is presented in any suitable form. Data can be in analogue or digital form, however, in current communication systems, data is more commonly communicated in digital form. Such data can be many different types of data including text, numbers, voice and video, as examples. The format of the data can vary widely with telecommunication, computing and other standards and can include binary, hexadecimal, decimal, asynchronous, synchronous or packet data, as examples. Within telecommunication systems, the data may be contained with data packet envelopes used by the telecommunication system to route the packet. It may also be surrounded by levels of hand-shaking and error correction protocols of which one generic example is the internationally recognised ISO 7 layer protocol.
An encryption key specifies how the encryption method operates in any one situation. As an illustrative example, a very simple mathematical formula used at the beginning of cryptography, which is the science of encryption, was to replace one letter of the alphabet with another. In such an example, the key might specify the separation between the letters. A Key of “+1” in this example would mean a letter was replaced by another “+1” removed. So an A would become a B and a B would become a C and so on. With a key of +2, an A would become a C and a B would become a D. Minus keys would operate in reverse by substituting earlier letters, for example “−1” would result in an “A” being replaced by a “Z” in a purely alphabetical series.
In modern cryptography, the encryption methods can be quite complex. Common examples include the widely used DES (Data Encryption Standard) and the increasingly employed AES (Advanced Encryption Standard).
In general, the larger the key, the more secure is the encrypted data. This is because a larger key allows greater mathematical possibilities in encryption. For example, a key consisting of two binary bits allows only 4 possibilities for that key. If the encryption method is known, then trying all 4 possibilities will unlock the encrypted data. A 256-bit key, by comparison, allows up to 1.16×1077 combinations. Therefore, even when the encryption method is known, to unlock data encrypted with a 256-bit key by trial and error is difficult even with high speed computers that are normally employed for such tasks.
In some encryption applications, the key can have two or more parts, one of which may be public and one private to the parties.
Theoretically, the best form of encryption is one which uses a method based upon complete randomness. Clearly a completely random encryption method would be unpredictable and always changing, hence being virtually impossible to crack. However, from a practical perspective, complete randomness is currently impossible to implement in a usable encryption system. An encrypted message also needs to be decrypted. Without some measure of predictability to the encryption method there would be no practical way for an authorised decrypting party to decrypt a randomly encrypted message.
An historical example of an attempt at using randomness in cryptography is the One-Time Pad. A One-Time Pad is a randomly generated list of numbers, letters or symbols longer than the message to be sent and is used as the key to encrypt and decrypt the message. A variety of encryption methods can be used. A simple example is the substitution of one character for another progressively using the contents of the One-Time Pad to make the substitutions. The sender and receiver of messages would both possess the same One-Time Pad which has to be communicated securely between them, usually at some time in the past, and then kept secure prior to use. The sender would encrypt a message using the One-Time Pad. The receiver would use their same One-Time Pad to decrypt the message. If the receiver did not know the One-Time Pad (which of itself is the key in this example), then the sender would be required to inform the receiver of the Pad in an unencrypted manner. Conceivably, the Pad or key could be intercepted and compromised during transmission. However, unless the Pad (key in this case) was intercepted, because the One-Time Pad was randomly generated, it was unpredictable and could not otherwise be deduced without other information. Therefore, even if a codebreaker knew the encryption method it would be impossible to predict the One-Time Pad without additional information. The problem with the One-Time Pad was that if the same One-Time Pad was continuously used, then it was found that codebreakers could eventually recreate the One-Time Pad by using other information such as the structure of language it encrypted or guesses as to the content etc. Therefore, One-Time Pads were only reliably secure when used only once, hence the name.
One-Time Pads have been widely used in the past and may readily be generated by computers using software programs. However, as the volumes of traffic are high, the quantity and length of One-Time Pads becomes very large. It is also costly and difficult to transfer these between geographically remote parties and to keep them secure until required for use. Furthermore the quantity of such pads is difficult and costly to manage, especially in distributed multi-party situations, which is exactly where you do want to use them for security of far-flung operations. Overall, the secure transfer, storage and management of One-Time Pads is prohibitive for all but the most demanding applications.
For these reasons most commercial grade encryption systems use a standard algorithm such as the international Data Encryption Standard (DES) or the Advanced Encryption Standard (AES) and short one or two-part key that can be transferred between the parties with more ease and security than One-Time Pads. Such keys are typically 256 or 512 bits at the time of writing but will inevitably get bigger as computers become faster. The penalty for this, however, is a lower level of resistance to decryption and a large key-management overhead to administer and manage the keys.
In US patent application no. 2003/0156721, there is disclosed an encryption method for communication between units. Each unit is arranged to independently generate the same encryption key. The encryption key is generated based upon a constant “seed” value and a current value appearing on a periodically incrementing counter. The “seed” value is intended to be known only by each unit and the counters of each unit are synchronised so as to provide the same counter value at any particular time. While the disclosed method does provide encrypted communication without requiring any insecure communication of encryption key data, it is noted that the method may prove vulnerable to unauthorised decrypting by a determined codebreaker. Given that the “seed” value never changes, it is a constant and static value. The counter is incremented in a predetermined, fixed rate. Therefore, the counter value at any one time has a direct correlation with time. Hence, once the “seed” value is determined and the counter rate is determined, the encryption method becomes exposed to unauthorised decryption. It is expected that these parameters could be determined after intercepting a certain number of encrypted communications.
It is an object of the present invention to provide an alternative secure communication method which does not require the key itself to be communicated between the authorised parties.